ebb20915915b6d16a43bacebad347086609b6c9fecc77429cc53cf6a9f949925

Sharing

Copy URL

Twitter E-mail

General

Target

ebb20915915b6d16a43bacebad347086609b6c9fecc77429cc53cf6a9f949925
Size

228KB
MD5

4f2b8c28bfbf3a9034f5c061fa75ed50
SHA1

6c90c5dce94d5413d63e78075bf4f43ad17d6e9f
SHA256

ebb20915915b6d16a43bacebad347086609b6c9fecc77429cc53cf6a9f949925
SHA512

486987800c9b7704bd8ab5a86053a1cf8b2867166d0c5839c24d301a485b7ad5aa082f82261663fd38f016a0a94845eefbb4afa3efb3b1ab75e588cf5866eb4d
SSDEEP

3072:tDB8FBASHiVRVwPs2DMaEJ39aHwJdMcnS1e+peNfrMZCA83HLIpUpFn:n84SCR8sMfExQubzr0CA83rIpUn

Score

N/A

Malware Config

Signatures

Files

ebb20915915b6d16a43bacebad347086609b6c9fecc77429cc53cf6a9f949925
.dll regsvr32 windows x86

569d6add8e94bd7301b1c15d67fed0b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
HeapDestroy
GetTickCount
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
lstrlenW
GetShortPathNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
HeapAlloc
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
RaiseException
HeapFree
GetCommandLineA
RtlUnwind
WaitForSingleObject
ReadFile
InitializeCriticalSection
DisableThreadLibraryCalls
lstrcmpiA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
lstrcatA
LoadLibraryA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
GetEnvironmentStrings
GlobalUnlock
SetLastError
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetFileAttributesA
GetLastError
GetEnvironmentStringsW
GetVersionExA
CompareStringW
CompareStringA
CloseHandle
SetFilePointer
CreateFileA
WriteFile
lstrcpynA
FindFirstFileA
FindClose
GetWindowsDirectoryA
GetVersion
Sleep
InterlockedExchange
GetLocalTime
GetCurrentProcessId

user32

wsprintfA
ScreenToClient
GetWindowRect
CopyRect
OffsetRect
DrawTextA
GetDlgCtrlID
GetDlgItemTextA
GetWindowDC
EnumChildWindows
IntersectRect
GetClassNameA
MessageBeep
BeginPaint
EndPaint
SendMessageA
UpdateWindow
GetWindow
SystemParametersInfoA
MapWindowPoints
CreateDialogIndirectParamA
GetWindowPlacement
ClientToScreen
GetSystemMetrics
SetFocus
SetDlgItemTextA
GetParent
InvalidateRect
DialogBoxParamA
GetSystemMenu
RemoveMenu
LoadStringA
AppendMenuA
GetClientRect
GetClassInfoExA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
CallWindowProcA
DefWindowProcA
CreateWindowExA
LoadIconA
ShowWindow
SetWindowRgn
IsIconic
DestroyWindow
GetDesktopWindow
EnableWindow
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
SetWindowTextA
IsWindow
GetDC
ReleaseDC
GetWindowLongA
SetWindowLongA
SetWindowPos
MoveWindow
GetDlgItem
GetSysColor
FillRect

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
BitBlt
DeleteDC
DeleteMetaFile
GetTextExtentPoint32A
GetStockObject
Rectangle
CreateRectRgn
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
DeleteObject
SaveDC
SelectObject
SetBkMode
SetTextColor
TextOutA
RestoreDC
EnumFontFamiliesExA

advapi32

RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

ole32

StringFromCLSID
CoTaskMemFree
ProgIDFromCLSID

oleaut32

GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysReAllocStringLen
SysStringLen
SysAllocStringLen
LoadRegTypeLi
SysAllocString
SysFreeString

winmm

sndPlaySoundA
mciSendCommandA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

569d6add8e94bd7301b1c15d67fed0b0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

version

shell32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 12KB - Virtual size: 10KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 12KB - Virtual size: 10KB

.rmnet
Size: 60KB - Virtual size: 60KB